From c0f9de4844052b7867180c587d1b6969be2f114d Mon Sep 17 00:00:00 2001
From: Jean byroot Boussier
Date: Mon, 16 Jan 2023 21:53:58 +0100
Subject: [PATCH 1/2] Rack::MethodOverride handle QueryParser::ParamsTooDeepError (#2011)

This middleware already handle two types of parsing issues but somehow not this one.

Co-authored-by: Jean Boussier
---
 lib/rack/method_override.rb | 2 +-
 test/spec_method_override.rb | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/rack/method_override.rb b/lib/rack/method_override.rb
index 453901fc6..b586f5339 100644
--- a/lib/rack/method_override.rb
+++ b/lib/rack/method_override.rb
@@ -43,7 +43,7 @@ def allowed_methods

 def method_override_param(req)
 req.POST[METHOD_OVERRIDE_PARAM_KEY]
- rescue Utils::InvalidParameterError, Utils::ParameterTypeError
+ rescue Utils::InvalidParameterError, Utils::ParameterTypeError, QueryParser::ParamsTooDeepError
 req.get_header(RACK_ERRORS).puts "Invalid or incomplete POST params"
 rescue EOFError
 req.get_header(RACK_ERRORS).puts "Bad request content body"
diff --git a/test/spec_method_override.rb b/test/spec_method_override.rb
index 5909907b4..ddb105bdf 100644
--- a/test/spec_method_override.rb
+++ b/test/spec_method_override.rb
@@ -100,6 +100,13 @@ def app
 env[Rack::RACK_ERRORS].read.must_match /Bad request content body/
 end

+ it "not modify REQUEST_METHOD for POST requests when the params are unparseable because too deep" do
+ env = Rack::MockRequest.env_for("/", method: "POST", input: ("[a]" * 36) + "=1")
+ app.call env
+
+ env["REQUEST_METHOD"].must_equal "POST"
+ end
+
 it "not modify REQUEST_METHOD for POST requests when the params are unparseable" do
 env = Rack::MockRequest.env_for("/", method: "POST", input: "(%bad-params%)")
 app.call env

From ea39e49442e0008bfce4ad628ce52a4be2a20b5b Mon Sep 17 00:00:00 2001
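Review bot: The widened `rescue` in `method_override_param` logs a nesting-depth rejection with the same "Invalid or incomplete POST params" line as a malformed body, so anyone reading `rack.errors` cannot tell a depth-limit hit from an ordinary parse error. The depth limit exists to bound parser work on hostile input, so it deserves its own clause, for example `rescue QueryParser::ParamsTooDeepError` followed by `req.get_header(RACK_ERRORS).puts "POST params nested too deeply"`. A short comment above the rescue chain should also state that every branch deliberately falls through to nil so the request keeps its original method; presumably the same error surfaces again when the application reads the params itself. The method's `end` lies outside the hunk.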
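Review bot: The new example asserts only that `REQUEST_METHOD` is still "POST", which also holds when the body parses without any error, since the input appears to carry no override parameter. Nothing in the hunk ties the literal 36 to the configured depth limit, so the example can pass without ever reaching the new rescue branch. Mirror the neighbouring examples and check the log as well, e.g. `env[Rack::RACK_ERRORS].read.must_match /Invalid or incomplete POST params/` (with whatever rewind those examples use). Consider deriving the depth from `Rack::Utils.param_depth_limit + 1` rather than a constant, if that accessor is available on this branch.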
From: Samuel Williams
Date: Tue, 17 Jan 2023 09:59:19 +1300
Subject: [PATCH 2/2] Bump patch version.

---
 CHANGELOG.md | 4 ++++
 lib/rack/version.rb | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3d988e8d1..8d97e94de 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@

 All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).

+## [2.2.6] - 2022-01-17
+
+- Extend `Rack::MethodOverride` to handle `QueryParser::ParamsTooDeepError` error. ([#2011](https://github.com/rack/rack/pull/2011), [@byroot](https://github.com/byroot))
+
 ## [2.2.5] - 2022-12-27

 ### Fixed
diff --git a/lib/rack/version.rb b/lib/rack/version.rb
index f8324c46f..bc41abeab 100644
--- a/lib/rack/version.rb
+++ b/lib/rack/version.rb
@@ -20,7 +20,7 @@ def self.version
 VERSION.join(".")
 end

- RELEASE = "2.2.5"
+ RELEASE = "2.2.6"

 # Return the Rack release as a dotted string.
 def self.release